package cn.edu.njuit.springbootfilmreview.filters;

import cn.edu.njuit.springbootfilmreview.dto.AccountInfo;
import cn.edu.njuit.springbootfilmreview.service.impl.UserTokenService;
import com.alibaba.fastjson.JSONObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

/**
 * 核心api拦截器
 */

@Component
@WebFilter(urlPatterns = "/api/*")
public class ApiFilter implements Filter {

    @Autowired
    UserTokenService userTokenService;

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {

    }

    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        //拦截req，判断是否有token
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        request.setCharacterEncoding("utf8");
        String url = request.getRequestURL().toString();
        //如果是登录或者验证码相关的资源，直接放行，不需要登录令牌。
        if (url.indexOf("/api/login") >= 0
                || url.indexOf("/api/works-info/getAllWorksInfo") >= 0
                || url.indexOf("api/movie-info") >= 0
                || url.indexOf("api/layout") >= 0
                || url.indexOf("/api/registered") >= 0
                || url.indexOf("validate-code") >= 0
                || url.indexOf("swagger") >= 0
                || url.indexOf("v2") >= 0) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        String token = request.getParameter("token");
        if (token != null) {
            //对token进行校验
            AccountInfo u = userTokenService.getUser(token);
            if (u != null) {
                //放行
                filterChain.doFilter(servletRequest, servletResponse);
            } else {
                HttpServletResponse response = (HttpServletResponse) servletResponse;
                JSONObject error = new JSONObject();
                error.put("error", "令牌错误，身份信息不合法");
                response.setStatus(401);
                response.setContentType("application/json;charset=utf8");
                response.getWriter().write(error.toJSONString());
            }
        } else {
            HttpServletResponse response = (HttpServletResponse) servletResponse;
            JSONObject error = new JSONObject();
            error.put("error", "请登录认证");
            response.setStatus(401);
            response.setContentType("application/json;charset=utf8");
            response.getWriter().write(error.toJSONString());
        }
    }

    @Override
    public void destroy() {

    }
}
